[Security Announce] [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities
Posted on: 06/27/2007 06:35 AM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:137
http://www.mandriva.com/security/
_______________________________________________________________________

Package : krb5
Date : June 26, 2007
Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

David Coffey discovered an uninitialized pointer free flaw in the
RPC library used by kadmind. A remote unauthenticated attacker who
could access kadmind could trigger the flaw causing kadmind to crash
or possibly execute arbitrary code (CVE-2007-2442).

David Coffey also discovered an overflow flaw in the same RPC library.
A remote unauthenticated attacker who could access kadmind could
trigger the flaw causing kadmind to crash or possibly execute arbitrary
code (CVE-2007-2443).

Finally, a stack buffer overflow vulnerability was found in kadmind
that allowed an unauthenticated user able to access kadmind the
ability to trigger the vulnerability and possibly execute arbitrary
code (CVE-2007-2798).

Updated packages have been patched to prevent this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
c40e0406d699b6462958ba826bc07b0f 2007.0/i586/ftp-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm
277d33c0658a89d6cb84cb1f59c92c26 2007.0/i586/ftp-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm
113dac274e1114a18cc98574751bce78 2007.0/i586/krb5-server-1.4.3-6.2mdv2007.0.i586.rpm
e8cdd1aabdf760187281469abe2652ba 2007.0/i586/krb5-workstation-1.4.3-6.2mdv2007.0.i586.rpm
c7e9a8326e18ea7f0b410422f3a6606e 2007.0/i586/libkrb53-1.4.3-6.2mdv2007.0.i586.rpm
a0adaedd79d3277d2854e8ca090f209d 2007.0/i586/libkrb53-devel-1.4.3-6.2mdv2007.0.i586.rpm
6150e3f69a9d45e045933c8d26a2ba31 2007.0/i586/telnet-client-krb5-1.4.3-6.2mdv2007.0.i586.rpm
d31790fb758cc166a014ecc8d4add4ec 2007.0/i586/telnet-server-krb5-1.4.3-6.2mdv2007.0.i586.rpm
8ddcbd575ad6a4e62439b3703ad3c7ce 2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
4b4b657644f4cd0c7c33120c761b726a 2007.0/x86_64/ftp-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
18039af3abc4be030a77e90394a88a32 2007.0/x86_64/ftp-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
320c60b4082483bd985e30b2cd0fe6a4 2007.0/x86_64/krb5-server-1.4.3-6.2mdv2007.0.x86_64.rpm
8a7244f4a692acbdca04876c1e46d005 2007.0/x86_64/krb5-workstation-1.4.3-6.2mdv2007.0.x86_64.rpm
0166bcd0000d113fa384f0203e076bd5 2007.0/x86_64/lib64krb53-1.4.3-6.2mdv2007.0.x86_64.rpm
071527893b9eba78d4ed36fbe3cf7420 2007.0/x86_64/lib64krb53-devel-1.4.3-6.2mdv2007.0.x86_64.rpm
f2e098076719090d0a6770120cd30cc8 2007.0/x86_64/telnet-client-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
244dd2dfed4c33af6c5c407f9e748696 2007.0/x86_64/telnet-server-krb5-1.4.3-6.2mdv2007.0.x86_64.rpm
8ddcbd575ad6a4e62439b3703ad3c7ce 2007.0/SRPMS/krb5-1.4.3-6.2mdv2007.0.src.rpm

Mandriva Linux 2007.1:
0e97e3acc4d6576ec1056b84bf56d0f0 2007.1/i586/ftp-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm
a925df48618989379f3e2033a63574fa 2007.1/i586/ftp-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm
5b5bbdf3ce50e207bb8af9b51e870566 2007.1/i586/krb5-server-1.5.2-6.3mdv2007.1.i586.rpm
7a0ec635b839a1bd581f4d66b4ced6ac 2007.1/i586/krb5-workstation-1.5.2-6.3mdv2007.1.i586.rpm
d4471551ede1911b808a9727806dae2e 2007.1/i586/libkrb53-1.5.2-6.3mdv2007.1.i586.rpm
933ed747e6aa73bf183dd8e7a08a6f46 2007.1/i586/libkrb53-devel-1.5.2-6.3mdv2007.1.i586.rpm
abadf7a96beb3d8dcce72610f58a8c06 2007.1/i586/telnet-client-krb5-1.5.2-6.3mdv2007.1.i586.rpm
c66b3a784087e698037e143fa95ee0c1 2007.1/i586/telnet-server-krb5-1.5.2-6.3mdv2007.1.i586.rpm
ea1893535e462dd1919bd0abedbed87e 2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
47e94578a13f82a20f4d000f8392eb02 2007.1/x86_64/ftp-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
50b2d99b55411b4a721c3a613ad5ba2a 2007.1/x86_64/ftp-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
27fcedcfa2741bf0f8049a4cc176bd81 2007.1/x86_64/krb5-server-1.5.2-6.3mdv2007.1.x86_64.rpm
5839bb7446c0f6f999f141f8b27bd08a 2007.1/x86_64/krb5-workstation-1.5.2-6.3mdv2007.1.x86_64.rpm
8e7315638bab378e0257cb89a2aa69e8 2007.1/x86_64/lib64krb53-1.5.2-6.3mdv2007.1.x86_64.rpm
27aaf37c6e64f000cc5b98d3ffb81700 2007.1/x86_64/lib64krb53-devel-1.5.2-6.3mdv2007.1.x86_64.rpm
dc945c4871d314bc3eff2d3bfe51d8d2 2007.1/x86_64/telnet-client-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
e702159871325f6e4eae2ba4eda4b1fa 2007.1/x86_64/telnet-server-krb5-1.5.2-6.3mdv2007.1.x86_64.rpm
ea1893535e462dd1919bd0abedbed87e 2007.1/SRPMS/krb5-1.5.2-6.3mdv2007.1.src.rpm

Corporate 3.0:
f0547c5bf734e1e4e7ebdaaa45643183 corporate/3.0/i586/ftp-client-krb5-1.3-6.9.C30mdk.i586.rpm
e47318f20875193315c2f90a0aa73893 corporate/3.0/i586/ftp-server-krb5-1.3-6.9.C30mdk.i586.rpm
0c2b238bd3597f7207bf3a3ab3659364 corporate/3.0/i586/krb5-server-1.3-6.9.C30mdk.i586.rpm
dd4b1f9a85a297fbc03b8d2f38c6e43b corporate/3.0/i586/krb5-workstation-1.3-6.9.C30mdk.i586.rpm
1590e1a8231e0b5bfcbbdfaaa2832ed4 corporate/3.0/i586/libkrb51-1.3-6.9.C30mdk.i586.rpm
ec4d5de3a00caca779eec5d41d514e14 corporate/3.0/i586/libkrb51-devel-1.3-6.9.C30mdk.i586.rpm
3ff052270404ba6ee2649b11f3fef987 corporate/3.0/i586/telnet-client-krb5-1.3-6.9.C30mdk.i586.rpm
afed9d2d655fd6a8b84b270c7c02bb27 corporate/3.0/i586/telnet-server-krb5-1.3-6.9.C30mdk.i586.rpm
2457d3a60e45048a670ccfdcc0ecb378 corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm

Corporate 3.0/X86_64:
d97ee0f157987a221b80d9136ece289d corporate/3.0/x86_64/ftp-client-krb5-1.3-6.9.C30mdk.x86_64.rpm
c5684ae9f26b06083b96364d27cc6b17 corporate/3.0/x86_64/ftp-server-krb5-1.3-6.9.C30mdk.x86_64.rpm
c76727d14b575a3d95c626230fb36e21 corporate/3.0/x86_64/krb5-server-1.3-6.9.C30mdk.x86_64.rpm
d997ead69ebc1259cff22e0f95cd94b2 corporate/3.0/x86_64/krb5-workstation-1.3-6.9.C30mdk.x86_64.rpm
940488184a42d9488083f8505cf51f31 corporate/3.0/x86_64/lib64krb51-1.3-6.9.C30mdk.x86_64.rpm
6380542588680c89410735ffe7e4187c corporate/3.0/x86_64/lib64krb51-devel-1.3-6.9.C30mdk.x86_64.rpm
ad90e57cc1a38053b80dc992fb7e9821 corporate/3.0/x86_64/telnet-client-krb5-1.3-6.9.C30mdk.x86_64.rpm
88bff515db340c5ba1941d7911061df9 corporate/3.0/x86_64/telnet-server-krb5-1.3-6.9.C30mdk.x86_64.rpm
2457d3a60e45048a670ccfdcc0ecb378 corporate/3.0/SRPMS/krb5-1.3-6.9.C30mdk.src.rpm

Corporate 4.0:
efddcdd277b1aabfe333628806fe0760 corporate/4.0/i586/ftp-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
726aacc0586b726a411b02b0c95f1fa9 corporate/4.0/i586/ftp-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
82f95b50e28a98b39e02a5c3911a2b92 corporate/4.0/i586/krb5-server-1.4.3-5.3.20060mlcs4.i586.rpm
7c181fd1bc3f55f80f82b96301bb19cb corporate/4.0/i586/krb5-workstation-1.4.3-5.3.20060mlcs4.i586.rpm
2aae375fed863e40005547b81f4d6899 corporate/4.0/i586/libkrb53-1.4.3-5.3.20060mlcs4.i586.rpm
3b4b780acd51067ec8b3f83d13838bf4 corporate/4.0/i586/libkrb53-devel-1.4.3-5.3.20060mlcs4.i586.rpm
000a146dc869c4fc6bcb02b9ac6eaae1 corporate/4.0/i586/telnet-client-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
34403d6595fc096d7e6b09d8e50ad7de corporate/4.0/i586/telnet-server-krb5-1.4.3-5.3.20060mlcs4.i586.rpm
f500eec032ef1404ae965d3a7b25bdb4 corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
1ce29ebf6d7a319ab53350e38a8ef3af corporate/4.0/x86_64/ftp-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
9df889b6fccdb1f5660a6ac1c1e019ac corporate/4.0/x86_64/ftp-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
9dca2e1f57ca43a8c0f392c4f8cdea40 corporate/4.0/x86_64/krb5-server-1.4.3-5.3.20060mlcs4.x86_64.rpm
8e6b55bef97e7c0109c02d7caca2c434 corporate/4.0/x86_64/krb5-workstation-1.4.3-5.3.20060mlcs4.x86_64.rpm
32bc813142a311d128ac00437f9bbc6b corporate/4.0/x86_64/lib64krb53-1.4.3-5.3.20060mlcs4.x86_64.rpm
e08ce03ada5d6378509df0ba897a2b28 corporate/4.0/x86_64/lib64krb53-devel-1.4.3-5.3.20060mlcs4.x86_64.rpm
7d6e28c5837e5e3d1f57d3170209efa5 corporate/4.0/x86_64/telnet-client-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
bc4796289d578b2fd226e26fd2e05765 corporate/4.0/x86_64/telnet-server-krb5-1.4.3-5.3.20060mlcs4.x86_64.rpm
f500eec032ef1404ae965d3a7b25bdb4 corporate/4.0/SRPMS/krb5-1.4.3-5.3.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
387a140e280b355674318964905fc506 mnf/2.0/i586/libkrb51-1.3-6.9.M20mdk.i586.rpm
8100f18f25a150efc52414692e456b49 mnf/2.0/SRPMS/krb5-1.3-6.9.M20mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGga9JmqjQ0CJFipgRAuwPAJ9WZHyIKqGp2Zd3THW9I4FrnMiXHQCeK3Ix
aBJaUBpAxTQBi97q3ZfFNkk=
=x9wE
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdksa_2007137__updated_krb5_packages_fix_vulnerabilities.html)